Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Incogni Personal Information Removal Service Review: Hands Off My Data!

    March 29, 2023

    Twitter suffers a concerning data leak, company suspects ex-employee behind it

    March 28, 2023

    Demand for digital data protection bill gathers steam

    March 27, 2023
    Facebook Twitter Instagram
    Your Infotech
    • Data

      Incogni Personal Information Removal Service Review: Hands Off My Data!

      March 29, 2023

      Twitter suffers a concerning data leak, company suspects ex-employee behind it

      March 28, 2023

      Demand for digital data protection bill gathers steam

      March 27, 2023

      Sharing sensitive business data with ChatGPT could be risky

      March 23, 2023

      Governments request for user data from Apple, Google rises; India ranks no. 1 in Southern Asia: Report

      March 20, 2023
    • Cloud

      Google opens Italy’s second cloud region in Turin city

      March 24, 2023

      France’s OVH expands into India amid growing cloud adoption

      March 21, 2023

      Govt plans incentive scheme for cloud startups to thwart Microsoft, Amazon, and Google domination

      March 17, 2023

      Intellect launches eMACH.ai for banks to use cloud services with embedded AI

      March 14, 2023

      Chinese AI groups use cloud services to evade US chip export controls

      March 9, 2023
    • Networking

      Arista Modernizes Routing in the Wide Area Network

      March 22, 2023

      Amazon’s AWS cozies up to carriers to launch 2 services to build and operate networks in the cloud

      February 22, 2023

      META PLATFORMS SPENT OVER $1 BILLION ON ARISTA NETWORKING IN 2022

      February 17, 2023

      Microsoft Teams and Outlook are down due to a ‘networking issue’

      January 25, 2023

      Warning to those with older phones 3G networks are to be scrapped starting this year

      January 23, 2023
    • Virtualization

      Imagination and Telechips drive automotive display diversity with hardware virtualization

      March 16, 2023

      Device virtualization is key to IoT adoption

      March 3, 2023

      Discover how virtualization can transform your business with this online training

      February 7, 2023

      Server Virtualization Software Market Next Big Thing | Major Giants IBM, Oracle, Microsoft

      February 2, 2023

      Global Data Virtualization Market Report 2022: Featuring Oracle, IBM, Cisco, Salesforce, Workday, Alteryx, Domo, Ceros, Cluvio & Qliktech International

      January 26, 2023
    • IT Infrastructure

      TCS+ | The need for speed: Braintree’s Heath Huxtable on modern IT infrastructure

      March 13, 2023

      The race to net zero: Six ways to slash IT infrastructure emissions

      March 10, 2023

      Vertiv and TechAccess partner to boost African IT infrastructure solutions

      February 28, 2023

      It Infrastructure Market Size 2023 Research Report with Technological Factors and Forecast till 2025

      February 21, 2023

      Geojit to build 1.25 lakh sq ft IT infrastructure in Infopark

      February 14, 2023
    Your Infotech
    Home»Virtualization»Intel boosts VM security, and guards against stack attacks in new Xeon release
    Virtualization

    Intel boosts VM security, and guards against stack attacks in new Xeon release

    yourinfotechBy yourinfotechJanuary 11, 2023Updated:January 11, 2023No Comments3 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp VKontakte Email
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Intel today announced the fourth generation of its Xeon server chipsets, detailing several new features under the company’s confidential computing security umbrella. The most notable upgrades were enhancements to Intel’s trusted execution environment and a new technique for combating jump- and return-oriented programming attacks.

    The fourth generation of Xeon processors introduces a number of new features across the board, including significant improvements to energy efficiency, AI processing, and edge workload handling, but virtual machine (VM) isolation technology and control flow enforcement are the security highlights. The former method provides hardware-level VM isolation without the need for hypervisor oversight — rather than a single app living inside a trusted environment, a whole VM can.

    There are numerous options, for trusted execution environments in other areas of the stack, but Intel fellow Amy Santoni, the company’s chief Xeon security architect, said that not all of them offer the same capabilities or meet the same standards.

    Intel aims to secure virtual environments
    “It depends on your goals for a trusted environment,” she said. “If you look at the cloud today, you can have multiple tenants running on the same hardware with virtualization technology, but in just a regular cloud environment, the hypervisor still has access to all those VM’s data if you allow them to —there’s nothing at a hardware level to prevent a VM from accessing data.”

    That isolation is provided via Intel’s Trust Domain Extensions framework, which already works with Azure, Google Cloud, Alibaba, and IBM — no timeline was provided for AWS integration at the time of this writing.

    Control flow enforcement is a feature that Intel has already implemented in its endpoint-focused Core line of processors, but is new to the Xeon family, aimed at stamping out a family of cyberattack techniques called return-oriented and jump-oriented programming. The idea with such attacks is to rearrange the order in which pieces of code are provided back to the application, for malicious purposes.

    “So I can take snippets of real, released code but I’m able to manipulate their order,” explained Santoni.

    Control flow enforcement, however, adds a secondary or “shadow stack” to the normal stack used to order the execution of instructions. It’s completely inaccessible to programmers, so, the idea goes, it can’t be manipulated by a bad actor. The order of instructions is compared to the “shadow stack,” which throws an error if they’re not in the correct sequence.

    Finally, Intel’s already-announced Project Amber is present in Xeon’s fourth generation. This is what the company describes as an out-of-station capability for its trusted execution environment, allowing users to validate that their workloads are running on Intel hardware, regardless of information provided by cloud service providers.

    “The idea is to provide customers the ability to validate the configuration of the environment they’re running in,” said Santoni. “It doesn’t mean that the CSPs don’t provide that, it’s an additional option — when you buy a used car from a dealer, you [still] might want to take it to an independent mechanic.”

    Share. Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp Email
    Previous ArticleCES 2023: How 5G Will Bring the Metaverse and Future Commerce Into Focus
    Next Article MAKING IT EASIER TO BREAK THE SONIC BARRIER FOR NETWORKING
    yourinfotech
    • Website

    Related Posts

    Imagination and Telechips drive automotive display diversity with hardware virtualization

    March 16, 2023

    Device virtualization is key to IoT adoption

    March 3, 2023

    Discover how virtualization can transform your business with this online training

    February 7, 2023

    Server Virtualization Software Market Next Big Thing | Major Giants IBM, Oracle, Microsoft

    February 2, 2023

    Leave A Reply Cancel Reply

    Our Picks

    Subscribe to Updates

    Get the latest creative news from Your Infotech about Information Technology.

    About Us
    About Us

    We provide a wide range of customized, integrated B2B and B2C digital marketing services solutions that are ideal for your business.

    We're accepting new partnerships right now.

    Email Us: info@yourmartech.com
    Contact: +1-530-518-1420

    Our Brands
    • Your Martech
    • Your HR Tech
    • Your Fin Tech
    • Your Revenue
    • Your Bio Tech
    • Your POS Tech
    • Your Health Tech
    SUBSCRIBE NOW
    Loading
    LinkedIn
    • Privacy Policy
    © 2023 Vigarbiz Inc. Designed by Vigarbiz Media.

    Type above and press Enter to search. Press Esc to cancel.